ID
VAR-201011-0468
TITLE
RETIRED: AT-TFTP Server Directory Traversal Vulnerability
Trust: 0.3
sources:
BID: 44711
DESCRIPTION
AT-TFTP Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to retrieve arbitrary files outside of the FTP server root directory. This may aid in further attacks. AT-TFTP Server 1.8 is vulnerable; other versions may also be affected. RETIRED: This issue is retired because it is a duplicate of BID 11584.
Trust: 0.3
sources:
BID: 44711
AFFECTED PRODUCTS
| vendor: | allied | model: | telesis at-tftp server | scope: | eq | version: | 1.8 | Trust: 0.3 |
sources:
BID: 44711
THREAT TYPE
network
Trust: 0.3
sources:
BID: 44711
TYPE
Input Validation Error
Trust: 0.3
sources:
BID: 44711
EXTERNAL IDS
| db: | BID | id: | 44711 | Trust: 0.3 |
sources:
BID: 44711
REFERENCES
| url: | http://www.alliedtelesis.co.nz/support/rapier/downloads/at-tftpd.exe | Trust: 0.3 |
sources:
BID: 44711
CREDITS
Pr0T3cT10n
Trust: 0.3
sources:
BID: 44711
SOURCES
| db: | BID | id: | 44711 |
LAST UPDATE DATE
2022-05-17T02:03:36.231000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 44711 | date: | 2010-11-17T17:06:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 44711 | date: | 2010-11-06T00:00:00 |